5 posts • joined 5 Mar 2008
European Identity Cards in the UK
I am (still) a UK citizen but have lived in the Netherlands for about thirty years. I have an ID card (photo and name only) and can travel to all Schengen lands with ease. I have actually never shown it. My Dutch friends can visit the UK with their same ID cards, but I need a UK passport to visit the UK.
I prefer open-source products but...
As a business architect working in the financial sector with companies that want to use open-source, three problems identify themselves.
The first is that simply Tibco et al can sell themselves better to the management and in big companies that matters.
The second, and in my view more serious, is that there really are too many products (including open source products). I am a proponent of choice but how many busses do we need and how many super-duper variations are necessary? The 80/20 rule has to be observed.
The third and most serious is the lack of support and expertise (where can I get the people with experience of that product) plus the tendency to change the thing every now and then.
There really is a need for some stability. I design systems that in terms of the business have to function for 10 or more years. The IT also has to be relatively stable for that time.
I admit that IBM and Tibco regularly come out with "better" products (for themselves I suspect), but again they have the name and some sort of justification.
What I could do with are fewer, simpler products with longer term ideals. A release every year or two is more than adequate.
Payment Terminal security
If these terminals are the same as the ones used in D, NL, BE etc. then this means that they have also access / cracked the HSM.
In the terminals the entire PIN entry + transaction amount display and approval is performed within the keyboard / display component and this also stores and manages the keys (changed at least daily). Any attempt to get to the keyboard / display results in the component being destroyed (it is a mini HSM). The component is actually part of the keyboard.
If the keyboard and display are not so constructed, then PIN use is intrinsically flawed. Is this really the case?
There is a little thing called the Payments Service Directive that comes into force in 2009 and will apply also to the UK that makes the onus for evidence and intent lie by the bank. So this measure will be of very short extent.
Standard in the Netherlands for years
They have this stuff in the Netherlands for years, at least ten. I wonder if they have looked here to see if it works or not.